Skip to content

Commit

Permalink
fix(RELEASE-1339): no longer consult .sign.request (#733)
Browse files Browse the repository at this point in the history
- use the task default for the request pipeline name

Signed-off-by: Scott Hebert <[email protected]>
  • Loading branch information
scoheb authored Dec 6, 2024
1 parent ff5523d commit f0f4628
Show file tree
Hide file tree
Showing 3 changed files with 5 additions and 10 deletions.
5 changes: 3 additions & 2 deletions tasks/sign-base64-blob/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ Creates an InternalRequest to sign a base64 encoded blob
| Name | Description | Optional | Default value |
|----------------------|-------------------------------------------------------------------------------------------|----------|-----------------------|
| dataPath | Path to the JSON string of the merged data to use in the data workspace | No | - |
| request | Signing pipeline name to handle this request | Yes | blob-signing-pipeline |
| referenceImage | The image to be signed | No | - |
| manifestDigestImage | Manifest Digest Image used to extract the SHA | Yes | "" |
| requester | Name of the user that requested the signing, for auditing purposes | No | - |
Expand All @@ -22,11 +21,13 @@ Creates an InternalRequest to sign a base64 encoded blob
```
data:
sign:
request: <signing pipeline name>
pipelineImage: <image pullspec>
configMapName: <configmap name>
```

## Changes in 2.4.0
* No longer examine `.data.sign.request` to obtain the Signing pipeline name. Use the default - blob-signing-pipeline

## Changes in 2.3.0
* Updated the base image used in this task

Expand Down
9 changes: 2 additions & 7 deletions tasks/sign-base64-blob/sign-base64-blob.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ kind: Task
metadata:
name: sign-base64-blob
labels:
app.kubernetes.io/version: "2.3.0"
app.kubernetes.io/version: "2.4.0"
annotations:
tekton.dev/pipelines.minVersion: "0.12.1"
tekton.dev/tags: release
Expand All @@ -15,10 +15,6 @@ spec:
- name: dataPath
description: Path to the JSON string of the merged data to use in the data workspace
type: string
- name: request
type: string
description: Signing pipeline name to handle this request
default: "blob-signing-pipeline"
- name: blob
type: string
description: The base64 encoded blob to be signed.
Expand Down Expand Up @@ -54,7 +50,6 @@ spec:
exit 1
fi
request=$(jq -r '.sign.request // "$(params.request)"' ${DATA_FILE})
default_pipeline_image="quay.io/redhat-isv/operator-pipelines-images:9ea90b42456fcdf66edf4b15c0c0487ba5fa3ee3"
pipeline_image=$(jq -r --arg default_pipeline_image ${default_pipeline_image} \
'.sign.pipelineImage // $default_pipeline_image' ${DATA_FILE})
Expand All @@ -65,7 +60,7 @@ spec:
echo "- blob=$(params.blob)"
echo "- requester=$(params.requester)"
internal-request -r "${request}" \
internal-request -r "blob-signing-pipeline" \
-p pipeline_image=${pipeline_image} \
-p blob=$(params.blob) \
-p requester=$(params.requester) \
Expand Down
1 change: 0 additions & 1 deletion tasks/sign-base64-blob/tests/test-sign-base64-blob.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,6 @@ spec:
cat > $(workspaces.data.path)/data.json << EOF
{
"sign": {
"request": "blob-signing-pipeline",
"configMapName": "signing-config-map"
}
}
Expand Down

0 comments on commit f0f4628

Please sign in to comment.